Maine breach portal abused to publish fake data breach disclosures
…avatars in user-created virtual worlds. The fake VRChat data breach e ntry notes that personal data of more than 2.4 million users was exposed to hackers after they gained access…
Search
Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026
… Throughout the contest, the hackers targeted fully patched products across web browsers, enterprise applications, local privilege escalation, servers, local inference, cloud-native/container environments, virtualization, and LLM categories. …
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
… Security researchers targeting fully patched products in the web browser, virtualization, local privilege escalation, servers, enterprise applications, cloud-native/container, local inference, and LLM categories can earn over $1,000,000 in cash and prizes. …
Chinese APT deploys new malware to keep access to hacked networks
…CISA warned about Brickstorm being deployed by Chinese hackers against VMware vSphere servers , and, more recently, Google reported that it was deployed by UNC6201 against Dell RecoverPoint for Virtual Machines. Victim hacked…
Ransomware gang abuses Microsoft Teams relays to hide malicious traffic
…According to researchers at the cybersecurity company Symantec, the hackers used custom Go-based malware in an attack against a major U.S. services company. Backdoor.Turn abuses Teams' TURN infrastructure by…
Credit card theft campaign abuses Stripe to host stolen payment info
…Hackers use pixel-large SVG trick to hide credit card stealer Funnel Builder WordPress plugin bug exploited to steal credit cards Škoda warns of customer data breach after online shop hack SAP…
Microsoft Self-Service Password Reset abused in Azure data theft attacks
…To make the ruse more convincing, the hacker poses as an IT support employee requiring urgent verification of the account. The hacker then reset the password, removed the MFA controls, and enrolled…
Police seize “First VPN” service used in ransomware, data theft attacks
Police seize “First VPN” service used in ransomware, data theft attacks By Bill Toulas May 21, 2026 09:09 AM A virtual private network service called 'First VPN,' used in ransomware and…
AI-built ransomware toolkit automates EDR evasion, AD discovery
…Some of the malware created this way was tested in virtual environments against EDR tools from Sophos, CrowdStrike, and Microsoft. Despite the malware research and development orchestrated using AI technology, the researchers…
ChatGPT share links abused to host fake outage pages to deliver malware
…BleepingComputer's test of the Windows version on Any.Run found that it executes various commands to determine whether the device is a legitimate computer or a virtual machine. Push Security also…